COURSE DESCRIPTION:

Trend Micro™ Deep Discovery™ Advanced Threat Detection 3.0 Edition 3 Training for Certified Professionals is a three-day, instructor-led training course where participants will learn how to plan, deploy, and manage a Deep Discovery threat detection solution, using:

* Trend Micro™ Deep Discovery™ Inspector
* Trend Micro™ Deep Discovery™ Analyzer
* Trend Micro™ Deep Discovery™ Director
* Trend Micro™ Deep Discovery™ Director - Network Analytics

Participants explore key concepts and methodologies of using a blend of Deep Discovery solutions for a more complete approach to network security. This course provides a variety of hands-on lab exercises, allowing each student to put the lesson content into action. There will be an opportunity to set up and configure Deep Discovery solution management and administration features, and test their functionality using the virtual labs.

A comprehensive look is provided on the purpose, features, and capabilities of Deep Discovery network security solutions, including recommendations on best practices and general troubleshooting steps for a successful implementation and long-term maintenance of a Deep Discovery environment.

The course also explores various deployment considerations and requirements needed to tie Deep Discovery solutions into other Trend Micro products to provide synchronized threat intelligence sharing for advanced threat detection.

Target Audience:

This course is designed for IT professionals who are responsible for protecting networks from any kind of network, endpoint, or cloud security threats.

The individuals who will typically benefit the most include:

* System administrators
* Support engineers
* Integration engineers
* Network engineers
* Solution and security architects


KEY INFORMATION

Course Title: Trend Micro Deep Discovery Advanced Threat Detection 3.0 Edition 3 Training for Certified Professionals
Product ID: TRNN1040 or TRNMOOO3
Course Length: Three Days
Level: Professional
Delivery Language: English
To Enroll: Existing account holders can visit the Trend Micro Education Portal for a list of available classes. For more information about how to create an account, please visit trendmicro.com/education

















CERTIFICATIONS AND RELATED EXAMINATIONS: 


Upon completion of this course, participants may choose to complete the certification examination to obtain 
designation as a Trend Micro Certified Professional for Deep Discovery Advanced Threat Detection. 










PREREQUISITES: 


Before you take this course, Trend Micro recommends that you have a working knowledge of their 
products and services, as well as basic networking concepts and principles. 


Experience with the following products and technologies is also necessary: 


* Windows® servers and clients 


* Firewalls, web application firewalls, packet inspection devices


* General understanding of malware 


Participants are required to bring a laptop computer, with a recommended screen resolution of at 
least 1980 x 1080 or above, and a display size of 15" or above. 


COURSE OBJECTIVES:

Upon completion of this course, students will be able to:

* Describe the purpose, features, and capabilities of Deep Discovery advanced threat detection solutions
* Configure Deep Discovery Inspector and enable threat detection
* Set up and use administrative and security management features in Deep Discovery Inspector, Deep Discovery Analyzer, Deep Discovery Director, and Deep Discovery Director - Network Analytics
* Explain how Connected Threat Defense works
* Describe key features of Deep Discovery Director and how to integrate with other Deep Discovery products for centralized management and visibility

WHY CHOOSE TREND MICRO EDUCATION

* Hands-on instruction from Trend Micro certified trainers
* With Trend Micro product certifications, you have the skills to deploy and manage our leading security solutions
* On demand or in a classroom, we have the right courses for you
* By sharpening your skills, you are in a position to better detect and respond to the latest attacks

FOR MORE INFORMATION:

Please contact education@trendmicro.com








DETAILED COURSE OUTLINE: 





The course topics in this training are divided into the following lessons: 


Product Overview
* Trend Micro Solutions
* Trend Micro™ Network Defense
* Key requirements for Trend Micro Network Defense
* Threat classifications
* Trend Micro Network Defense solutions
* Deep Discovery
* Product family
* Deep Discovery capabilities
* Deep Discovery integration


Deep Discovery Inspector
* Network requirements
* Deep Discovery Inspector network connections
* Services accessed by Deep Discovery Inspector
* Deep Discovery Inspector deployment topologies
* Single connection-single Deep Discovery Inspector
* Multiple connections-single Deep Discovery Inspector
* Multiple connections-multiple Deep Discovery Inspectors
* Inter-VM traffic
* Gateway proxy servers
* Caveats for deploying Deep Discovery Inspector only at ingress/egress points
* Understanding the attack cycle
* Phases of a targeted attack
* Case study: Pawn Storm spear-phishing
* Deep Discovery threat detection technology overview


Configuring Deep Discovery Inspector
* Pre-configuration console
* Configuring network settings
* Configuring system settings
* Performing administration tasks
* Integrating with syslog servers
* Deep Discovery Inspector Virtual Analyzer
* Configuring Deep Discovery Inspector detection rules
* Avoiding false positives
* Troubleshooting Deep Discovery Inspector
* Checking system performance


Analyzing Detected Threats in Deep Discovery Inspector
* Using the dashboard to view detected threats
* Using the detections menu to view and analyze detected threats
* Obtaining key information for analyzing threat detections
* Detection severity information
* Attack phase information
* Detection type information
* Suspicious objects
* Viewing hosts with command and control callbacks
* Virtual analyzer settings
* Virtual analyzer cache
* Virtual analyzer sample processing time
* File submission issues


Deep Discovery Analyzer
* Key features
* Deep Discovery Analyzer specifications
* Ports used
* What is Deep Discovery Analyzer looking for?
* Deep Discovery Analyzer sandbox
* Scanning flow
* Configuring network settings for Deep Discovery Analyzer
* Using the Deep Discovery Analyzer web console
* Performing system management functions
* Performing Deep Discovery Analyzer sandbox tasks
* Product compatibility and integration
* Submitting samples to Deep Discovery Analyzer
* Viewing sample submission details
* Obtaining full details for analyzed samples
* Managing the suspicious objects list
* Interpreting results
* Generating reports
* Using alerts
* Preparing and importing a custom sandbox


Deep Discovery Director
* Deep Discovery Director key features
* System requirements
* Planning a deployment
* Installing Deep Discovery Director
* Configuring network settings in the pre-configuration console
* Managing Deep Discovery Director
* Configuring deployment plans
* Managing threat detections
* Cyber threat intelligence sharing
* Threat sharing interoperability
* Sharing advanced threats and indicators of compromise through STIX and TAXII
* Using STIX and TAXII in Deep Discovery Director


Deep Discovery Director - Network Analytics
* Deploying Deep Discovery Director - Network Analytics overview
* How it works
* Deploying Deep Discovery Director - Network Analytics
* Managing Deep Discovery Director - Network Analytics
* Accessing Deep Discovery Director - Network Analytics settings
* Registering to Deep Discovery Inspector
* Adding a syslog server
* Configuring additional settings
* Correlation overview
* Metadata samples
* Using correlation data for threat analysis
* Viewing correlation data (correlated events)
* Reviewing correlation data summary
* Viewing the correlation data graph
* Viewing correlation data for suspicious objects
* Threat sharing


Preventing Targeted Attacks Through Connected Threat Defense
* Connected Threat Defense life cycle
* Combating targeted attacks with Connected Threat Defense
* Key features of Connected Threat Defense
* Connected Threat Defense requirements
* Connected Threat Defense architecture
* Suspicious object list management
* Setting up Connected Threat Defense
* Suspicious objects handling process
* Tracking suspicious objects in Deep Discovery Analyzer
* Suspicious object sharing scenarios


Appendices
* What's new:
  * Deep Discovery Inspector 5.6
  * Deep Discovery Analyzer 6.8
  * Deep Discovery Director 5.1 SP1
  * Deep Discovery Director - Network Analytics 5.0
* Trend Micro Threat Connect
* Trend Micro product integration
* Deep Discovery threat detection technologies
* Creating sandboxes
* Installing and configuring Deep Discovery Inspector